On May 21, 2024, Ivanti disclosed six critical-severity SQL Injection vulnerabilities affecting Ivanti Endpoint Manager, specifically versions 2022 SU5 and earlier. These six vulnerabilities, identified as CVE-2024-29822 through CVE-2024-29827, each carry a Common Vulnerability Scoring System (CVSS) score of 9.6. They allow unauthenticated attackers within the same network to execute arbitrary code on the Core server. This disclosure was made simultaneously with the release of a security hot patch.

Having some form of a security operations center (SOC) to protect and secure your assets, applications, and infrastructure is no longer optional. As cyber criminals grow more sophisticated and modern complexities (remote work, the cloud, international operations) expand the attack surface, a SOC becomes a critical line of defense. It works proactively and reactively and can help an organization advance their security posture while dealing with immediate threats.

You can’t secure what you can’t see goes the saying in cybersecurity. That’s why holistic visibility is so crucial for organizations tasked with staying safe in the evolving threat landscape, as it gives you full visibility into your environment. But there’s another adage that matters even more, because without access to log sources and the proper ingestion of their data, you can’t see the forest for the trees. But what are log sources? What does proper ingestion look like?

Law firms are in a precarious position when it comes to cyber risk. These organizations are tasked with storing large amounts of sensitive information — from corporate finances to client data to intellectual property (IP) — and, as such, are finding themselves in the crosshairs of threat actors.

On May 6, 2024, Bishop Fox publicly disclosed a vulnerability along with a proof of concept (PoC) exploit in Citrix NetScaler ADC and Gateway, identified as an unauthenticated out-of-bounds memory read issue in the components used for Authentication, Authorization, and Auditing (AAA).

On May 8, 2024, Ascension Healthcare notified business partners of suspicious activity detected within their systems. They have launched investigations and are actively working on remediation efforts. Consequently, some systems will experience interruptions during this process, such as clinical operations. Ascension is currently working with Mandiant to investigate the compromise and whether sensitive data was affected, if at all.

Classrooms have never been more connected. Many students are issued laptops or tablets instead of textbooks, while teachers and administrators rely on dozens of apps and connected devices like Smartboards to provide instruction, track grades, manage bus schedules, create budgets, and orchestrate countless other school-related activities.

K-12 schools, colleges, and universities store massive amounts of personal information for students, parents, and employees. This means that, while they may not make the news as much as other breaches, schools, colleges, and universities are under constant attack by modern threat actors.

A law firm can only be successful if it can meet the needs of its clients, and few components put that success at risk more than the rising danger and repercussions of a cyber attack. In addition to the time, effort, and money a firm must spend responding to a successful breach, employees may find themselves unable to access the firm’s technology and, therefore, unable to bill hours.